.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
..
.. SPDX-License-Identifier: MPL-2.0
..
.. This Source Code Form is subject to the terms of the Mozilla Public
.. License, v. 2.0.  If a copy of the MPL was not distributed with this
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
..
.. See the COPYRIGHT file distributed with this work for additional
.. information regarding copyright ownership.

Notes for BIND 9.16.13
----------------------

New Features
~~~~~~~~~~~~

- A new ``purge-keys`` option has been added to ``dnssec-policy``. It
  sets the period of time that key files are retained after becoming
  obsolete due to a key rollover; the default is 90 days. This feature
  can be disabled by setting ``purge-keys`` to 0. :gl:`#2408`

Feature Changes
~~~~~~~~~~~~~~~

- When serve-stale is enabled and stale data is available, ``named`` now
  returns stale answers upon encountering any unexpected error in the
  query resolution process. This may happen, for example, if the
  ``fetches-per-server`` or ``fetches-per-zone`` limits are reached. In
  this case, ``named`` attempts to answer DNS requests with stale data,
  but does not start the ``stale-refresh-time`` window. :gl:`#2434`

Bug Fixes
~~~~~~~~~

- Zone journal (``.jnl``) files created by versions of ``named`` prior
  to 9.16.12 were no longer compatible; this could cause problems when
  upgrading if journal files were not synchronized first. This has been
  corrected: older journal files can now be read when starting up. When
  an old-style journal file is detected, it is updated to the new format
  immediately after loading.

  Note that journals created by the current version of ``named`` are not
  usable by versions prior to 9.16.12. Before downgrading to a prior
  release, users are advised to ensure that all dynamic zones have been
  synchronized using ``rndc sync -clean``.

  A journal file's format can be changed manually by running
  ``named-journalprint -d`` (downgrade) or ``named-journalprint -u``
  (upgrade). Note that this *must not* be done while ``named`` is
  running. :gl:`#2505`

- ``named`` crashed when it was allowed to serve stale answers and
  ``stale-answer-client-timeout`` was triggered without any (stale) data
  available in the cache to answer the query. :gl:`#2503`

- If an outgoing packet exceeded ``max-udp-size``, ``named`` dropped it
  instead of sending back a proper response. To prevent this problem,
  the ``IP_DONTFRAG`` option is no longer set on UDP sockets, which has
  been happening since BIND 9.16.11. :gl:`#2466`

- NSEC3 records were not immediately created when signing a dynamic zone
  using ``dnssec-policy`` with ``nsec3param``. This has been fixed.
  :gl:`#2498`

- A memory leak occurred when ``named`` was reconfigured after adding an
  inline-signed zone with ``auto-dnssec maintain`` enabled. This has
  been fixed. :gl:`#2041`

- An invalid direction field (not one of ``N``, ``S``, ``E``, ``W``) in
  a LOC record resulted in an INSIST failure when a zone file containing
  such a record was loaded. :gl:`#2499`
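
Added example (not part of the BIND release notes or ISC's code): a shell helper for the manual journal conversion described in the journal-format item above. It refuses to convert while ``named`` is running and keeps a copy of each journal first. The names ``convert_journals``, ``named_running`` and ``JOURNALPRINT`` are hypothetical, and using ``pgrep`` for the process check is an assumption.

```shell
# Added example. Only `named-journalprint -d/-u` and the rule that named
# must be stopped come from the release notes; all helper names are made up.
JOURNALPRINT="${JOURNALPRINT:-named-journalprint}"   # overridable, e.g. full path

# Returns 0 if named appears to be running. Fails closed: if pgrep is not
# available we cannot tell, so we report "running" and block the conversion.
named_running() {
    command -v pgrep >/dev/null 2>&1 || return 0
    pgrep -x named >/dev/null 2>&1
}

# convert_journals <-d|-u> <zone-dir>
#   -d  downgrade journals to the pre-9.16.12 format
#   -u  upgrade journals to the current format
# Prints the number of journal files converted.
convert_journals() {
    mode="$1"; dir="$2"
    case "$mode" in
        -d|-u) ;;
        *) echo "usage: convert_journals -d|-u <zone-dir>" >&2; return 2 ;;
    esac
    if named_running; then
        echo "refusing: named is running; stop it before converting" >&2
        return 1
    fi
    count=0
    for jnl in "$dir"/*.jnl; do
        [ -f "$jnl" ] || continue               # glob matched nothing
        cp -p "$jnl" "$jnl.bak" || return 1     # keep the original journal
        if ! "$JOURNALPRINT" "$mode" "$jnl"; then
            echo "conversion failed: $jnl (original kept as $jnl.bak)" >&2
            return 1
        fi
        count=$((count + 1))
    done
    echo "$count"
}

# Example call with a constructed path, after stopping named:
#   convert_journals -d /var/named/dynamic
```

Where ``named`` can still be run before the downgrade, ``rndc sync -clean`` is the route the notes advise; this helper only covers the manual conversion case.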

Known Issues
~~~~~~~~~~~~

- There are no new known issues with this release. See :ref:`above
  <relnotes_known_issues>` for a list of all known issues affecting this
  BIND 9 branch.